<?php
include_once('common/header.php');
if($AppUI->id <= 0 || (isset($_SESSION['user']) && ($_SESSION['user'] <= 0))) {
	Vfriend_Function::redirect(HOST_BACKEND);
}
$intError	= 0;
$strBackUrl	= '';
if(isset($_SESSION['user']) && (($_SESSION['user']&1<<2) != 0)) {
	$intUserId 			= $objRequest->getParam('puserid', 0);
	$intStatuses 		= $objRequest->getParam('pstatuses', 0);
	$intPage 			= $objRequest->getParam('ppage', 0);
	$strBackUrl			= $objRequest->getParam('pbackurl', 0);
	$strPassword		= $objRequest->getParam('ppassword', '');
	$strPasswordConf	= $objRequest->getParam('ppassword_confirm', '');
	$strEmail			= $objRequest->getParam('pemail', '');
	if($strPassword == '') {
		$intError = 2;
	}
	if(strlen($strPassword) < 5 && $strPassword != '') {
		$intError = 3;
	}
	if($strPasswordConf == '') {
		$intError = 5;
	}
	if($strPasswordConf != '' && $strPassword != '' && $strPassword != $strPasswordConf) {
		$intError = 4;
	}
	if($intError == 0) {
		$objVfriendUser	= new Vfriend_User();
		$objVfriendUser->updatePassword($intUserId, md5($strPassword), $strEmail);
		$strBackUrl .= '?page=' . $intPage;
	}
	else {
		$strBackUrl = HOST_BACKEND . 'user/changepass?userid=' . $intUserId . '&statuses=' . $intStatuses . '&page=' . $intPage;
	}
} else {
	$intError = 1;
}
if($intError == 0) {
	Vfriend_Function::setMsg($arrMessage[4]);
} else {
	Vfriend_Function::setError($arrError[$intError]);
}
Vfriend_Function::redirect( (($strBackUrl == '') ? HOST_BACKEND : $strBackUrl));
?>